General
Target: config.exe
Size: 1.6MB
Sample: 240217-z616baah2z
MD5: ece5495a1956228ba3276086354ad0c2
SHA1: 40fa1924abfb8b13678ade0f9adbd994ec0e2245
SHA256: e917a7aa5587a518957f8da2418fbbb280039b2cf744ea13b9c12f97d1ef1043
SHA512: 5a45ae674a20ce951bd98a8fa2a40eabafaa046e8d2e071c20fdee4239e4e0580d9634bc3763702a7a74c764764f3a28224d0204596324fd81cf62e2343c4fd8
SSDEEP: 49152:XkTq24GjdGSiqkqXfd+/9AqYanieKdsQ:X1EjdGSiqkqXf0FLYW
Behavioral task: behavioral1
Sample: config.exe
Resource: win10v2004-20231215-en
Malware Config
Extracted
stealerium
https://discord.com/api/webhooks/1206537753861300226/aKKiWFDpIciLDqtRZYtciysxc_ZV_-eGjjurDiNwehAaG91ri8fAXShRnO-X2Q1xcSAo
Targets
Target: config.exe
Score: 10/10
- Accesses Microsoft Outlook profiles
- Legitimate hosting services abused for malware hosting/C2
- Looks up external IP address via web service: Uses a legitimate IP lookup service to find the infected system's external IP.